OTL logfile created on: 13/10/2012 9:14:54 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Store Stuff\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 2.49 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 64.50% Memory free 3.07 Gb Paging File | 2.33 Gb Available in Paging File | 75.66% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 302.26 Gb Total Space | 272.31 Gb Free Space | 90.09% Space Free | Partition Type: NTFS Drive D: | 628.85 Gb Total Space | 505.13 Gb Free Space | 80.33% Space Free | Partition Type: FAT32 Drive S: | 931.20 Gb Total Space | 737.07 Gb Free Space | 79.15% Space Free | Partition Type: NTFS Drive T: | 931.20 Gb Total Space | 737.07 Gb Free Space | 79.15% Space Free | Partition Type: NTFS Drive U: | 931.20 Gb Total Space | 737.07 Gb Free Space | 79.15% Space Free | Partition Type: NTFS Drive Y: | 79.05 Gb Total Space | 3.16 Gb Free Space | 4.00% Space Free | Partition Type: NTFS Computer Name: OFFICE | User Name: Store | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/10/13 09:14:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Store Stuff\Downloads\OTL.exe PRC - [2012/10/10 07:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012/10/02 14:03:36 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Store\Local Settings\Temp\wza5c4\procexp.exe PRC - [2012/09/05 22:08:10 | 003,696,632 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2012/08/29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012/08/29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012/08/23 01:09:54 | 000,813,032 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe PRC - [2012/08/23 01:09:34 | 000,403,328 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2012/08/23 01:08:50 | 006,010,264 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2012/08/18 21:18:30 | 007,017,888 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe PRC - [2012/07/29 20:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe PRC - [2012/07/29 20:52:20 | 001,673,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe PRC - [2012/07/24 15:13:58 | 000,941,440 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe PRC - [2012/07/06 14:29:48 | 003,365,592 | ---- | M] () -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe PRC - [2012/04/20 17:18:06 | 000,723,288 | ---- | M] (LULU Software) -- C:\Program Files\Soda PDF 2012\ConversionService.exe PRC - [2011/10/07 13:04:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe PRC - [2011/05/17 14:11:04 | 000,374,160 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe PRC - [2011/04/12 17:53:28 | 003,951,616 | ---- | M] () -- C:\Program Files\WinSplit Revolution\WinSplit.exe PRC - [2011/04/12 17:53:28 | 000,015,872 | ---- | M] () -- C:\Program Files\WinSplit Revolution\WinSplitDrvr32.exe PRC - [2011/01/20 19:38:20 | 000,174,064 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe PRC - [2011/01/18 03:52:12 | 000,984,408 | ---- | M] (Intuit Canada ULC.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe PRC - [2011/01/18 02:28:28 | 000,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe PRC - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe PRC - [2010/10/29 15:00:00 | 010,166,088 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WINZIP32.EXE PRC - [2010/09/17 16:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe PRC - [2010/09/07 13:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/09/07 13:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe PRC - [2009/12/03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe PRC - [2009/09/16 03:09:00 | 000,266,240 | ---- | M] (D-Link Corporation) -- C:\Program Files\D-Link\SharePort Utility\Connect.exe PRC - [2009/08/26 03:37:24 | 002,437,376 | ---- | M] (Axentra Corporation) -- C:\Program Files\NETGEAR\Stora Desktop Applications\HipServAgent\HipServAgent.exe PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2008/11/07 14:31:38 | 021,633,320 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype3\Phone\Skype.exe PRC - [2008/04/15 05:16:36 | 000,688,128 | ---- | M] () -- C:\Program Files\SkypeMate\SkypeMate.exe PRC - [2008/04/13 21:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe PRC - [2006/12/19 09:31:34 | 000,286,720 | ---- | M] () -- C:\Program Files\Belkin Bulldog Plus\UPS-Service.exe PRC - [2006/11/15 12:22:24 | 000,069,632 | ---- | M] () -- C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe PRC - [2006/07/06 08:15:00 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006/07/06 08:14:30 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2006/03/20 17:00:04 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe PRC - [2006/03/03 22:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2005/11/18 21:12:10 | 000,049,152 | ---- | M] ( U.S. Robotics Corporation) -- C:\WINDOWS\system32\3cshtdwn.exe PRC - [2005/11/18 21:12:04 | 000,073,728 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\system32\3cmlink.exe PRC - [2002/08/14 16:21:16 | 000,200,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/10/13 03:07:54 | 001,816,064 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12101300\algo.dll MOD - [2012/10/10 07:06:15 | 000,460,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll MOD - [2012/10/10 07:06:13 | 012,435,992 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll MOD - [2012/10/10 07:06:12 | 004,005,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll MOD - [2012/10/10 07:04:44 | 000,156,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avutil-51.dll MOD - [2012/10/10 07:04:43 | 000,275,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avformat-54.dll MOD - [2012/10/10 07:04:42 | 002,168,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll MOD - [2012/08/23 01:12:16 | 000,019,840 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll MOD - [2012/08/23 00:42:50 | 000,435,584 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll MOD - [2012/08/23 00:32:28 | 001,525,120 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Home\icudt38.dll MOD - [2012/08/16 11:23:46 | 000,520,464 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll MOD - [2012/07/06 14:29:48 | 003,365,592 | ---- | M] () -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe MOD - [2012/06/14 06:24:38 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll MOD - [2012/06/14 06:22:51 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012/06/14 06:22:31 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012/06/14 06:18:52 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2012/06/14 06:18:47 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2012/05/11 07:42:23 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll MOD - [2012/05/11 07:41:54 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012/05/11 07:39:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012/05/11 07:38:19 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll MOD - [2012/05/11 07:27:28 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012/05/11 07:26:44 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012/02/01 14:43:10 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll MOD - [2012/01/14 11:30:50 | 000,296,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll MOD - [2011/11/03 12:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2011/11/03 12:28:36 | 000,386,048 | ---- | M] () -- C:\WINDOWS\system32\qdvd.dll MOD - [2011/04/12 17:53:28 | 003,951,616 | ---- | M] () -- C:\Program Files\WinSplit Revolution\WinSplit.exe MOD - [2011/04/12 17:53:28 | 000,015,872 | ---- | M] () -- C:\Program Files\WinSplit Revolution\WinSplitDrvr32.exe MOD - [2011/04/12 17:53:28 | 000,013,312 | ---- | M] () -- C:\Program Files\WinSplit Revolution\WinSplitHook32.dll MOD - [2011/04/12 17:53:28 | 000,011,264 | ---- | M] () -- C:\Program Files\WinSplit Revolution\WinSplitLib.dll MOD - [2010/12/14 20:29:49 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll MOD - [2010/10/29 15:00:00 | 000,169,288 | R--- | M] () -- C:\Program Files\WinZip\UNRAR.DLL MOD - [2010/10/29 15:00:00 | 000,142,664 | R--- | M] () -- C:\Program Files\WinZip\LHA.DLL MOD - [2010/09/07 13:13:40 | 000,142,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll MOD - [2009/09/16 03:09:00 | 000,180,224 | ---- | M] () -- C:\Program Files\D-Link\SharePort Utility\Svlscapi.dll MOD - [2009/08/26 03:37:30 | 000,241,664 | ---- | M] () -- C:\Program Files\NETGEAR\Stora Desktop Applications\HipServAgent\libupnp.dll MOD - [2009/03/12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll MOD - [2008/12/05 03:42:46 | 000,614,400 | ---- | M] () -- C:\Program Files\SkypeMate\SkypeMate.dll MOD - [2008/11/21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll MOD - [2008/04/15 05:16:36 | 000,688,128 | ---- | M] () -- C:\Program Files\SkypeMate\SkypeMate.exe MOD - [2008/04/13 21:12:03 | 000,562,176 | ---- | M] () -- C:\WINDOWS\system32\qedit.dll MOD - [2008/04/13 21:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/13 21:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2006/12/19 09:31:34 | 000,286,720 | ---- | M] () -- C:\Program Files\Belkin Bulldog Plus\UPS-Service.exe MOD - [2006/11/15 12:22:24 | 000,069,632 | ---- | M] () -- C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe MOD - [2005/08/24 11:47:46 | 000,045,056 | ---- | M] () -- C:\Program Files\Belkin Bulldog Plus\HIDDelta.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\D-Link\D-ViewCam\RmtDskServer.exe -- (NUUO Remote Desktop Server) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012/10/09 12:56:26 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/09/05 22:08:10 | 003,696,632 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2012/08/29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012/08/23 01:09:54 | 000,813,032 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2012/08/18 21:18:30 | 007,017,888 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv) SRV - [2012/07/29 20:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/07/06 14:29:48 | 003,365,592 | ---- | M] () [Auto | Running] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe -- (GsServer) SRV - [2012/04/20 17:18:06 | 000,723,288 | ---- | M] (LULU Software) [Auto | Running] -- C:\Program Files\Soda PDF 2012\ConversionService.exe -- (Soda PDF 2012 Service) SRV - [2012/04/20 17:18:00 | 000,705,880 | ---- | M] (LULU Software) [On_Demand | Stopped] -- C:\Program Files\Soda PDF 2012\HelperService.exe -- (Soda PDF 2012 Helper Service) SRV - [2011/10/07 13:04:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint) SRV - [2011/05/17 14:11:04 | 000,374,160 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/01/18 02:28:28 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService) SRV - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2010/09/07 13:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/09/07 13:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/09/07 13:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP) SRV - [2009/07/27 21:57:50 | 000,131,072 | ---- | M] (Intuit, Inc.) [Disabled | Stopped] -- C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe -- (QuickBooksDB19) SRV - [2008/11/18 16:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService) SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) SRV - [2006/12/19 09:31:34 | 000,286,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin Bulldog Plus\UPS-Service.exe -- (UPSentry_Smart) SRV - [2006/07/06 08:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2006/03/03 22:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2002/08/14 16:21:16 | 000,200,704 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe -- (GhostStartService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (Rts516xIR) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci) DRV - [2012/09/05 22:08:13 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp) DRV - [2012/09/05 22:08:03 | 000,806,184 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman) DRV - [2012/09/05 22:07:57 | 000,689,672 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tib_mounter.sys -- (tib_mounter) DRV - [2012/09/05 22:07:53 | 000,139,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vididr.sys -- (vididr) DRV - [2012/09/05 22:07:50 | 000,099,720 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vidsflt.sys -- (vidsflt) DRV - [2012/09/05 22:07:45 | 000,192,904 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman) DRV - [2012/09/05 22:07:39 | 000,093,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fltsrv.sys -- (fltsrv) DRV - [2012/08/16 11:23:46 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys -- (RapportIaso) DRV - [2012/08/16 11:23:45 | 000,228,376 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys -- (RapportCerberus_42020) DRV - [2012/07/29 20:52:38 | 000,166,840 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG) DRV - [2012/07/29 20:52:38 | 000,071,480 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI) DRV - [2012/07/29 20:52:38 | 000,065,848 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RapportKELL.sys -- (RapportKELL) DRV - [2011/10/07 13:04:08 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2011/08/17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011/08/17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011/08/17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/11/11 11:27:44 | 000,354,176 | ---- | M] (TrueCrypt Foundation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\supersafer.sys -- (supersafer) DRV - [2010/09/17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2010/09/17 16:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2010/09/07 12:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/09/07 12:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/09/07 12:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/09/07 12:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010/09/07 12:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/09/07 12:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009/09/16 03:09:00 | 000,263,944 | R--- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sxuptp.sys -- (sxuptp) DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2008/02/15 17:20:12 | 000,152,576 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR) DRV - [2007/11/30 19:34:08 | 000,040,960 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rts5161ccid.sys -- (USBCCID) DRV - [2006/03/20 17:06:04 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005/11/18 21:02:00 | 000,329,056 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3c1807pd.sys -- (3c1807pd) DRV - [2004/08/03 19:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2002/08/14 16:11:16 | 000,005,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec\Norton Ghost 2003\GhPciScan.sys -- (GhPciScan) DRV - [2002/08/14 16:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001/08/17 10:28:26 | 000,113,762 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USRpdA.sys -- (USRpdA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {100AFC38-18BD-4929-9B39-BAB6C67322A5} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{100AFC38-18BD-4929-9B39-BAB6C67322A5}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.ca/ IE - HKCU\..\SearchScopes,DefaultScope = {100AFC38-18BD-4929-9B39-BAB6C67322A5} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{100AFC38-18BD-4929-9B39-BAB6C67322A5}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AURU_enCA499 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.330.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\ CHR - Extension: Gmail = C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011/10/01 11:27:45 | 000,000,763 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 192.168.2.21 HP0016354CB30B O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (Soda PDF 2012 Helper) - {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} - C:\Program Files\Soda PDF 2012\PDFIEHelper.dll (LULU Software) O3 - HKLM\..\Toolbar: (Soda PDF 2012 Toolbar) - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files\Soda PDF 2012\PDFIEPlugin.dll (LULU Software) O4 - HKLM..\Run: [3c1807pd] C:\WINDOWS\SYSTEM32\3cmlink.exe RunServices \Device\3cpipe-3c1807pd File not found O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HipServ Agent] C:\Program Files\NETGEAR\Stora Desktop Applications\HipServAgent\HipServAgent.exe (Axentra Corporation) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MySync] C:\Program Files\MySync for HipServ\MySync.exe File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NUUO Remote Desktop Server] "C:\Program Files\D-Link\D-ViewCam\RmtDskServer.exe" -servicehelper File not found O4 - HKLM..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe () O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [QuickBooksDB19] C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe (Intuit, Inc.) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [SpotmauSecretary] C:\Program Files\Spotmau\PowerSuite Golden Edition\Desktop_Secretary.exe File not found O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [UIUCU] C:\Documents and Settings\Store\Local Settings\Temp\UIUCU.EXE (Conexant Systems, Inc.) O4 - HKLM..\Run: [UPS-Status] C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe () O4 - HKLM..\Run: [USRpdA] File not found O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKCU..\Run: [Skype] C:\Program Files\Skype3\Phone\Skype.exe (Skype Technologies S.A.) O4 - HKCU..\Run: [Winsplit] C:\Program Files\WinSplit Revolution\WinSplit.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.) O4 - Startup: C:\Documents and Settings\Store\Start Menu\Programs\Startup\SharePort Utility.lnk = C:\Program Files\D-Link\SharePort Utility\Connect.exe (D-Link Corporation) O4 - Startup: C:\Documents and Settings\Store\Start Menu\Programs\Startup\SkypeMate.lnk = C:\Program Files\SkypeMate\SkypeMate.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {12193C65-F0E1-4DD1-AD4E-DB73C6911011} file:///E:/activeX/DCP.cab (DCPForm Control 1.0.1.1) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {48A5DF03-A77C-4C9F-95C9-CEDC34631004} http://30014144.mydlink.com/activeX//DCPP.cab (DCPP Control 1.0.0.4) O16 - DPF: {57AF0810-BDA7-47A5-B02D-FDA1073C04B0} http://30014144.mydlink.com/activeX//TunnelX.ocx (TunnelX Control DCS-v1.3.9.0) O16 - DPF: {7191F0AC-D686-46A8-BFCC-EA61778C74DD} https://www.mydlink.com/8D/activeX//aplugLiteDL.cab (Gif89 Lite +Audio Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=928 (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C3FD38B-D7E4-4277-94B4-09FC0531B4EA}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Store\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Store\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/12/13 16:37:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (auto_reactivate \\?\Volume{cc4b30ca-06b8-11e0-8fe2-806d6172696f}\bootwiz\asrm.bin) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/10/08 18:48:26 | 000,000,000 | ---D | C] -- D:\Store Stuff\com.axentra.Nomad [2012/10/08 18:37:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Store\Application Data\SkypeMate [2012/10/08 18:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SkypeMate [2012/10/08 18:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\SkypeMate [2012/10/08 10:02:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Store\.ssh [2012/10/08 09:59:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Store\Application Data\DesktopMirror [2012/10/07 22:44:00 | 000,000,000 | ---D | C] -- D:\Store Stuff\Contacts [2012/10/07 16:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype [2012/10/07 16:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012/10/07 16:37:01 | 000,000,000 | ---D | C] -- C:\Program Files\Skype3 [2012/10/07 15:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Copy of Skype 3_8 [2012/10/07 15:50:56 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012/10/07 15:46:27 | 000,000,000 | R--D | C] -- C:\Program Files\Copy of Skype5 [2012/10/07 15:26:36 | 000,000,000 | ---D | C] -- D:\Store Stuff\Stora [2012/10/07 15:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Store\Application Data\com.axentra.Nomad [2012/10/07 15:15:25 | 000,000,000 | ---D | C] -- C:\Program Files\Axentra [2012/10/07 15:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Store\.unison [2012/10/07 11:29:29 | 000,000,000 | ---D | C] -- D:\Store Stuff\Excel [2012/10/07 11:13:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VCardExport [2012/10/07 11:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\VCardExportTool [2012/10/05 15:38:07 | 000,000,000 | ---D | C] -- D:\Store Stuff\Amex [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/10/13 09:14:10 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012/10/13 09:14:09 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Store\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/10/13 09:10:32 | 000,009,317 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Forecast Ingonish.url [2012/10/13 09:00:03 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\GoodSync - Wintax.job [2012/10/13 08:56:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/10/13 08:53:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/10/13 07:05:07 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{45B02FBF-A1CA-4DBD-8EA2-3D3FF0F7C863}.job [2012/10/13 07:02:05 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/10/13 07:01:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/10/12 22:06:34 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\GoodSync - Store to stora.job [2012/10/12 21:00:46 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\GoodSync - Store Docs.job [2012/10/12 08:21:04 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Word.lnk [2012/10/12 07:57:54 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2012/10/11 15:32:07 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\BMO Business.url [2012/10/11 07:07:50 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/10/10 18:36:10 | 001,118,693 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Marcelle Barbados Dominica.pdf [2012/10/09 13:43:59 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\IA - CyberClient.url [2012/10/09 08:11:02 | 000,002,437 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HipServ Nomad.lnk [2012/10/09 00:04:49 | 000,000,121 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Blurb Canada.url [2012/10/08 18:36:36 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\Store\Start Menu\Programs\Startup\SkypeMate.lnk [2012/10/08 16:53:21 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2012/10/08 09:49:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/10/07 17:59:42 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Excel.lnk [2012/10/07 17:54:43 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\SkypeSpeeddial.exe.lnk [2012/10/07 16:38:30 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Skype5.lnk [2012/10/07 16:37:49 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Skype3.lnk [2012/10/07 13:10:12 | 000,000,518 | ---- | M] () -- C:\Documents and Settings\Store\Desktop\Blank chequeNobg.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/10/10 18:36:06 | 001,118,693 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\Marcelle Barbados Dominica.pdf [2012/10/09 13:43:59 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\IA - CyberClient.url [2012/10/09 00:04:49 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\Blurb Canada.url [2012/10/08 21:47:11 | 005,509,632 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\P1010493.JPG [2012/10/08 18:36:36 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\Store\Start Menu\Programs\Startup\SkypeMate.lnk [2012/10/08 16:04:12 | 000,222,190 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-308236825-682003330-1004-0.dat [2012/10/07 17:55:42 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\SkypeSpeeddial.exe.lnk [2012/10/07 16:38:30 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\Skype5.lnk [2012/10/07 16:37:49 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\Skype3.lnk [2012/10/07 15:50:59 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2012/10/07 15:16:24 | 000,002,437 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HipServ Nomad.lnk [2012/10/07 13:10:10 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Store\Desktop\Blank chequeNobg.lnk [2012/06/13 23:22:33 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\Store\Shortcut to Desktop.lnk [2012/02/23 23:18:37 | 000,222,190 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2012/02/15 08:02:42 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/14 11:37:49 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2012/01/14 11:37:49 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2012/01/14 11:37:49 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2012/01/14 10:36:59 | 005,386,240 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll [2011/10/19 22:58:35 | 000,000,246 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2011/10/19 22:58:35 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2011/10/19 22:56:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL [2011/10/19 22:56:49 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI [2011/10/19 22:56:48 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRADM10A.DAT [2011/09/30 19:45:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll [2011/09/30 19:40:43 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011/08/26 14:30:21 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Store\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/07/03 11:45:06 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Store\.recently-used.xbel [2011/06/30 14:44:30 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011/06/26 20:25:11 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll [2011/05/05 17:44:19 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/12/31 09:45:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2010/12/21 11:29:47 | 001,414,408 | ---- | C] () -- C:\WINDOWS\System32\DcsCliCtrl.dll [2010/12/15 21:25:48 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2010/12/15 21:25:24 | 000,000,141 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2010/12/15 21:24:59 | 000,000,684 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2010/12/15 10:46:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\KmRemove.exe [2010/12/14 21:49:30 | 002,771,968 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_custom.dll [2010/12/14 21:49:30 | 001,163,776 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_custom.dll [2010/12/14 21:49:30 | 000,681,472 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_custom.dll [2010/12/14 21:49:30 | 000,492,032 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_xrc_vc_custom.dll [2010/12/14 21:49:30 | 000,470,528 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_custom.dll [2010/12/14 21:49:30 | 000,119,808 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_net_vc_custom.dll [2010/12/14 21:49:30 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_custom.dll [2010/12/14 20:31:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini [2010/12/14 20:29:49 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll [2010/12/14 20:29:49 | 000,000,117 | ---- | C] () -- C:\WINDOWS\wpd99.drv [2010/12/14 00:55:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2010/12/14 00:39:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Store\Application Data\SuperSafer.cfg [2010/12/14 00:11:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010/12/14 00:11:15 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2010/12/14 00:11:15 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2010/12/14 00:11:15 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2010/12/14 00:11:15 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2010/12/14 00:11:15 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2010/12/14 00:11:15 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2010/12/14 00:11:15 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2010/12/14 00:11:15 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2010/12/14 00:11:15 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2010/12/14 00:11:15 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2010/12/14 00:11:15 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2010/12/14 00:11:15 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2010/12/14 00:11:15 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2010/12/14 00:11:15 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2010/12/14 00:11:15 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2010/12/14 00:08:51 | 000,000,090 | ---- | C] () -- C:\WINDOWS\EPART810.ini [2010/12/13 20:01:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/12/13 18:07:01 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini [2010/12/13 17:58:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\apmanage.INI [2010/12/13 16:50:57 | 000,447,120 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2010/12/13 16:50:57 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll [2010/12/13 16:39:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/12/13 16:34:27 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/12/13 10:26:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/12/13 10:25:55 | 000,232,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [color=#E56717]========== ZeroAccess Check ==========[/color] [2010/12/13 18:04:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010/11/05 02:05:36 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 09:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 21:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012/09/05 22:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis [2010/12/13 17:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2012/09/04 11:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010/12/13 18:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES [2012/03/13 14:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Manager [2010/12/14 00:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2012/06/13 22:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync [2012/10/13 07:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2011/10/19 23:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance [2012/01/14 12:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic [2012/10/12 23:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995 [2011/10/19 22:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft [2010/12/14 21:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spotmau [2010/12/13 18:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 10 [2012/08/16 11:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer [2011/07/03 13:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2011/05/05 17:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wisco [2011/10/19 22:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon [2012/09/05 22:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\22F9C682-777B-41BC-BC9E-A3A46B8616BC [2011/06/25 21:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\32B03F75-A7BB-4A1E-AA8A-784048A886B9 [2011/08/24 09:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\A211B74D-D436-4BB1-BF6D-26ACCD7E6370 [2012/07/05 10:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\AceTax 2011 [2010/12/15 17:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Acronis [2012/10/11 13:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\BitTorrent [2012/10/07 15:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\com.axentra.Nomad [2012/09/04 10:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\CometPlayer [2011/05/05 19:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\DEF56809-EDBD-4B7C-9980-231D39830794 [2012/10/08 09:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\DesktopMirror [2011/11/27 21:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\DlinkViewCam [2010/12/14 00:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Epson [2012/08/09 10:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\GetRightToGo [2011/07/03 11:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\gnupg [2012/10/13 09:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\GoodSync [2010/12/14 21:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\ImgBurn [2010/12/13 18:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Itsth [2010/12/14 00:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Leadertech [2012/07/17 14:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\LogMeInIgnition [2011/10/19 23:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Nuance [2011/10/11 17:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Opera [2012/07/05 17:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\PDF Software [2010/12/14 20:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\pdf995 [2012/09/04 11:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\tigerplayer [2011/10/26 20:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\VirtualStore [2012/07/14 22:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Winsplit Revolution [2011/10/19 23:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Store\Application Data\Zeon [color=#E56717]========== Purity Check ==========[/color] < End of report >